One way to manage BYOD: Limit the options

Agencies looking to accommodate employees’ personal smart phones and tablets in the enterprise first have to develop a “bring your own device” policy. If IT officials are looking for a model, Intel offers one in a new white paper.

Like many government departments, Intel has a sprawling workforce that extends around the country and the world. In 2010, Intel IT instituted a mobile device program that by 2011 accommodated about 29,000 devices, 17,000 of which were personally owned, according to the paper.

The IT shop’s goal was to come up with an evaluation process that could rule on allowable devices quickly and create a BYOD program that could function without overwhelming the help desk. Step one: Limit the options. Then evaluate products under five general criteria.

The white paper acknowledges how quickly new smart phones and tablets emerge and that people do become smitten with them. Since 2010, the report says, the IT shop has been asked to support more than 450 devices running on seven or eight OSes, each with an average of three versions at any one time.

That would have been unwieldy, so IT evaluated the most popular mobile OSes on the market and settled on three (the report doesn’t say which ones). Similarly, it focuses on only the most popular mobile devices.

This runs counter to the advice of some other experts, who have recommended supporting as many platforms as possible, based on the conviction that people will use their devices for work regardless. Intel’s paper, however, focused on the advantages of managing fewer types of devices and clearly letting employees know which are allowed.

With each new OS version or device, Intel performs a pre-evaluation, taking into account the product’s popularity, enterprise needs and user input, to weed out products that don’t meet basic standards. The next step is a paper evaluation, based on such things as vendor specs and the organization’s needs. If a device or OS passes that stage, the IT shop performs a full evaluation before deciding whether to allow it.

The goal is to able to rule on whether to allow a device within two weeks of when it’s available for purchase, the white paper says.

Despite the two-week window, Intel’s evaluation criteria is fairly detailed, rating a variety of functions and features within five general categories. It covers:

Security, including whether a device allows encryption, requires a password when being powered up, can keep personal and business content separate, allows virtual private network connections, stores credential safely and has a high level of intrusion prevention.

Productivity, including support for offline use, intelligent updates, blended social interface, broadcast updates, speed in performing tasks and whether the device has a mature ecosystem of available apps.

Ease-of-use, including whether it has an intuitive user interface, allows updates easily and lets users switch between tasks fluidly, and allows multiple input options, such as a touch careen and a wirelessly connected keyboard.

The IT shop applies a score of 0, 1 or 2 in each of these categories and then tallies up the score.

“Having a formal and rapid process in place for evaluating mobile OS updates and new handheld devices helps Intel IT keep up with employee demand, even as the number of OS updates and connected devices continues to grow,” the white paper concludes.

And a key to the process is the pre-evaluation, which keeps the number of OSes and devices to be evaluated and supported at a manageable number, the report says.

About the Author

Kevin McCaney is editor of Defense Systems. Follow him on Twitter: @KevinMcCaney.